Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Microsoft Still Suffers Insecurity Complex



 By: Jim Rapoza
2002-01-07
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Microsoft just endured one of its worst years ever when it comes to security problems, which is really saying something.

Microsoft just endured one of its worst years ever when it comes to security problems, which is really saying something. And to top things off, it ended the year with a near flood of trouble—from new viruses attacking Outlook to holes in IE 6.0 to vulnerabilities in SQL Server to a serious hole in its "most secure" operating system, Windows XP.

Whenever I bring up Microsoft security problems, someone is bound to say something like "They have the most problems because they are targeted more than anyone." There is a bit of truth in that, but the company could make life a little harder for people who are targeting it.

Instead, Microsoft—again and again—allows security to play second banana to whatever cool, new productivity feature it wants to add, no matter how much lip service it pays to improving security.

Resource Library:

When Microsoft introduced active content in Outlook, we, along with many in the security community, said it would create a security risk. But Microsoft blew these warnings off as theoretical and, instead, touted the gains that would be made by making mail more automatically responsive. The same things were said about programming in Office documents, ActiveX in browsers and poor default configurations in IIS.

Every time, Microsoft decided to tout marginal features now and deal with the security fallout later.

Now we have a major problem in Windows XP that makes it possible for attackers to remotely take over systems. Was this a surprise?

Of course not. Every review we did brought up the potential security risks of all the remote management and automated remote features in Windows XP. But Microsoft simply responded that Windows XP is the most secure Windows operating system ever, and, hey, arent those remote features cool?

Will this change?

On the server side, Microsoft seems to be making good moves to make systems more secure by default. However, when it comes to productivity and general-use products, I think that worries about potential security risks will always be pushed aside to make way for the latest cool, new feature.

Does Microsoft sacrifice security in favor of new features? Let me know at jim_rapoza@ziffdavis.com.





  Reader Comments: Microsoft Still Suffers Insecurity Complex
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Jim Rapoza
 


x}r㶲s\@♵M=ҔlcؖI*%Bc")JN~b:?qtMZe2{<5D th4{$sG7L{B.cnQ?sOG3齿O$w}L9UQ#C3W)92 E]0eNznDzpDwd>J`OS{S )5'Ӡ5ޙ Q}_6g2z9o0 fE63&6IE9JDqDRงGEQ>߱L㈄-:;|7*UN83p{f_ʞ0IQIM"x<&j>vn=ݣw2`~|!k`T黖8$CM-G ؓ ۭ@5lvy!rs#g ݻH͠L$Gd`jI:D*"4C2R!p 9%Rը>3-u@|ݖ|cXulAzf@dȢq/#!_TBp`VRBmO,Ӈ;)X ۱ȭC ¿{׳߂C}t;mgE-"'l,Rۆ@ظ?0}$OL"S9ˡ,Fp0,sti #M-jZUQ bkG{}޴ ޷L{`T3{;o~wUMSEsv#GA nmh[J"ZAP\tNi\v? 9N|'[oLR*rP8%ȇ t4z`rM7JQ߸+ZVH+(.գQ[zOa`%pfQUri[򳹥}o__]wzmo_wڧ>ߘekfy3?b Jg3F~3G_:nN[77VGNפ9i>;sِlnAZ|YkU[_lxmx0|kh2`=r8LwjT{dZݓ6 I|S8VEuֿ8'=M%%wܿ/Rx3oF5 tA%4ȌSHu t9~}M'Zf-Mn #dh|]w p3Z&9T23=MH:Ƃ5ņ])!edFSۤ%/^(P%!P샖_.[ jFTwIQQ#w=^f/\R@1Al8{ØWҽT7wsY 9tipq^oVV͉:]XYujZnE?´;{8m7-һ^5?aUb}PhvZM]qsuTSt*Zl:}5գ"TG-dj`qaeJݠc}nywσ`DgIG|F s>uN< EC#ɠ:ڴb{\gf&h`C:}ҍ:L w|hx: C 00gw9&ztH۠h&r<kIOlLJ.??6 ; G`p&;xk=`DkwCPb1LTE}vACAX' #}S(r`nZдc@k断,0!.(2n( ,9؂rij><:NX鹞~om0TNϣ(a!w1 ZJkX"L M=t%\4(e\8XbO`.#Všc-fˋ°w^]v˦?~1l2^ۄC= 0͉V*a0؋TMk<ݝvmZB_` /Ƥ_$I?րH{A2,exY΁5mIr 'jY$ Ei.0y$pսT:cDA#Ez . @ ЏBrAaj D"T `nR@;kRUԓtZC ^~~ JI:dzt4}ڣnssQ*JW3 R|OjZ(T+15ǩUT9*J7+|&9)R3KG)Nb_ޝoh`1gRJo0t.tȕ`s|eLFմlxTa)Ry=0f݅rI6S07GGѽWKVG=iv? jGswq5`EY_̡ޭ쮫F'F voS(0f4Ӣ-Rxsֽe=UN᧘ZЁQ}/5u<|X\.``!>ߏz0f&Ш)lTgm/RU *~e;:{oJ.4F@2<"C8bS>tV}P@K!nΚ667/=Ot[̍<9yn2%8z0JL;%9 $ہ3Bnbۤs:n&2006y-0P>O\մRߖ,09W|)3p3 `Ϙɧb_`pl1\Anc>GsWnyUm6~z&zi1bZ`7=3#[(4OQkX9 6 &RrMuE;tЋ­7*6P#I?Q*~ EPGIպi2RBE-) CoED\v[/he~6Kfb;?lͥZ57g XsB5x) 0%ezIMqza/;CnK-%. ^ذ:z6]6%Q;o^n Zf$s, .i:-efF*ݐGUksVB gI= g?amy:J"{q*N3>L̾~xf;C {Dڝg( ^-{4.HV_tD`˖Թh~h0.[-tJj2m&A)pQ?rfWϊ۫fչ ]wi?`y Bn߽p.:K'5?wD;m)^{%y0N<|m48nZ&IEyDcxH;zidLi-ҽn9`R4c-ɅHg fhtZ19 ºUXȬe`|]L($T0r$`$X)XCu:]7?GG:KyP^S(+RJ)"4FL |Zu3_f Rt<~Ur:Pעo1Mr!}J_cNfo4~P6=8,rh%縍vRt0?x>6z?"i^_w jE5p!ASB9kթ-xOӖO|B[aJ;DLa2߄u?Is6uYH$<1OђN)tJȓÓ!F=)*چIդ28I5F4A2 uIH? Md4XPWl Pق'59ܻ8^]ҹs<<RpLCRCs<'B}$XyKw8Ť3DJ^KjpVKM^N4~xr'|'xj}yUY^=t#jVuwfܣcDi:n{GQ =dznO8Z𿲜\ta_}`|;=sF'5\{ v,QM xqf=;0 t 7Xhg-{oCĆ'4dwD/'yV7N{m,d1]foc_; ?--8tǠCR#K1M&$Z^VP**sᔤ˞ȔWN HXd1 0d&'q=+#{G{ }!.u01y+-R!ekEwWUKK㒏ʲE:'%:mחB}{k!bi4V3XT=}v[fvÏ9&i N;xor:? G Ofxf79g; 9P`-ݺܭ)³$`GDA3}缩g涣A jm ڄ0\9f> V*?BWc+YT>9b;b%^ n)1 &c; +~1ȩɎ:{w~!0W"|RKf xlic.5&mB0ϗGgNƋ{E҈qC@jq0}kǻP 0;|O?*ڑB (y9`/B{:'sD W܍QW J'YFwbşnGus2hkLI">'2u؉[<}ϳ "rG{YJmY%71$foT\  -1qSiћO&G˒ p˖Mcyl(9`颓Jyt0~?YYMY2a'gνwV[ &GԸ T gikJSuL(C1QU(KrbS" * /]L V㾕؊,V=b'MTJ^I?xE2^\V{ܒ:JL[)KZpK+$}Ǿ4->1 #Erge>x CLv:pbyoxlp/CCh˺E``]{g?,&-\$r%tVXo2]EڼA&!~#]Zt,Fl1]?'W'^n׫%MK$6iROrN'C,*%!Po)̐W6TS&ՅiXM ǖWr@GK0<aB gKB =~DNr.pe}/%PD)AҔLA剴h<;7NVx*X𥈑Ҷ½eŗ\sd r2Ǯ8w~~~񾮏 c>X77^_Fb!u Kee4G^S0"*ft1D_yy:{ڗɲN`G㣽#"%fy8Rzf}}w&<{"NEA.,oҀCr79C$D @$ "!yomޢƄ~r%(d 5 L6^2 -:XޤOgDp!P.`=%絉j<ĖbSIޅ"tcK-} *039t;[F0fv'@$Ԓ{*m{KV{1hm)K›`zxAE;a[푌Gj"' z`{)517 5QOx_ڋK۪_x8̋}N˼ jMZNړ䭨iİO:M^4bVd=-Tw߁^<=G!F 6+ky3} )·x^ҌSٿgG^;P`܀;*ZWqUzZP,%\k>mOC g !n1J HQ^O/ :ä="Lqeͦ20aS:6M]|z@~RJ~~/`\ t;8~/$&ФC>y|ϔ [DxQ)_.^owZN Avxrwf$QVVFaw9Ƕ6/?Vǫv0}M[ŭ+pBYWP؞48!$9pel|y=F?P9E={CDNteQ+"$]ڔPVôLE'Ʈ$Jjad$}$ƽƢtyϹgLh 긺\'[a0_q1V&GBA8AXJo,"xa owquQ%IҲfzy0lsh*b4 BM;* }L16P|%Jӊ,w)]dDo=?5ꮐ֘1h*B UٜAKu*Z!3,sJku <ڜ>7LyM13цX50yfDZGav̈́q|W@O[jkwhDPULuۖS7)1'찔?1D{xC+t c?tk6٦KMµφAʥ 8I֡Q Dc'2&U"cmϪJ~RRꑻ!qgTjQy?>]cO, ,TO䲈֞uvücn?y r Y Z Ra)zdIO指^dH>HP*$Zz/[rXpr|w\ۭ5J\~lԮ}1qtv+^Rc"W6mMSz6YBҢ3F;6vCW5ATJ{=yJ "?bu{ι\`[X]IYqc[RJBYIc4K":;Mf gۦ~ lсHz.:N#V¯mR9ʵVܞVkwk0儔JzN۠ᵥ1iL( v΍1 \TbЭB1˪M;InP}sY?e=` '2t/xqB =Jl~##dM,}|U:h|%w@m[Њϯ#>o{I XPp#}MA9(WTD~6 Nd>Mx\Hґu /`< wz̥7f?= N8j joEֹIz# ,@'eꊍ\DQLB p4TCsN.7v߾U Cy|Q_SoX vy7ջ 죋B = -9asH ]TW\AfxG3Bx7t'leH\աu/ O醾!B|1GB(׼9Ĝ#XvTo|}SjJ ";'pp\`sj@K$3L*2&Bs85{_{=&n%[ր aAJx&^94qb1Ř!&"=lFLN1O" jN=Qp\11Faŷ^(l;b21c|>Om0%/$Z`,%-AS "PV: 1C^bJ ͍$u~{4`:>"(S[]ă0T]3(OqW'NgCjt``\oN+r P:ς-|)s!aZ;<QB<䱤Pl <'6OLo12K"( @Ka1c~PoVR$4 >(>gٕa)豪ԕ/7)ޔ ;eeK=M蕴B%^Șq~/Yw40Gu0 }a3brOuvcѼ:LNפINmx;\;Kr>&lkM/WQwq{sپ\sSӃSf&R0mw 5e9š'\ «.Y3U94dG_0}4elCx#UzUzu7 &6BfuljŵN#g5^L%'u/}uLfpXmnTX!>E'}ҽlIJ/6ρ33_2ʯzsI8QޅnF9rzsy hjg@Si}>@?dG(ku6wZFQd3ˌr'?r{埡sfE\_,@ߋ ^}.2s_dy2z'(Q~gd_@EF9e^\f%eu݌wAt3OK7C\\e5u^=A6_SV9)O@Orߛ o2ڿ\'I73y S*Rq/2苬+ OY射<(Ay>++P/nt3 ث : ?3/z^}NV&/n+^a芪g-5nZ ǸJuv^_A5KHe^ۛTCGP78%Y}MNJ 4tk 7b[yDYAI{R}tEI>tiDLw<_[nNJ>s\ȜHǣW0'f[ G|,y|e8Nt71 }^fh#]~̬((G.v8)n7pK|SG0nsOkr>u2[~|^Y;yx߇ oRgU'K_u}ςoDV)pF ;F,R+|c ,>hعkjzrt=på͹H|7atc0L ;J墦 V˕R;~O;F"M<dATMVYI0ZYrF(RB4|O۴W)]7tCsc<{+4аY-}"z5~L@NLc6"/cZA6of)3^8,{|y؛ގe@7 J,5{SЫD@.^s/7:tp) ?dD:G|q8Ss#ӄwY!DӸx4@;4Dʹ)9P3G)b|337rɌB΄[6пC7s%(MLu6Eؑf[n%c$Q#"9<;$}F(r1>taxap7t}4w<1 Ɓs(*&-c ]&N=Xv7i:+jb5)"QviFS W.Ews>q Y|5h_ui匭H-'c@诿N`Xkt J7wt#byŅr\u[ > gxt1?-mgvlCk;vu7Lђr'/TB# |pٝL؅[$2^~1[C$Ҵ)'Kˌ˟$4n_sӞ?Xl> aދ0a|q ^yl x Qh/I'kQ~m%0qnFuw$>}T.q sEeבe,&J B8̈́tywlPF 7 "s k!v+2}jQwh}r:WXsWWläL\PxUE'0P$=Cf K,h :BQf7qk km"t^wkdU9Hr&zu h$.7=k"6: gKb7DZZ9=vļKlAm{Զ'x*D;Oulם8G P⁜0ћsx_UT$zlz$_Oxƪ~Saxr=&= d M-IS`"r:Y W96O~0qGĶ2C|R4ϜUpvRv ?93_Zmrxgsҭc@EqDgPvxGmm<^|:y-E{Ofuݍ2ZWtmk]#+b 1C>`]R>Ŕ+ ]'[ۧ3й?-{w/e;n_X (K#LwEN8uF얢u.nD{~w1Ǹ 0tcz7^?W- ɤ{-̅2 !δ^xyu~ҕ^)If`cQd+8*)ؐrk`4bOP1, Qv7}`N*)Asa#El ;ApN--8LgѸ8"?ZU9s, j7Wxozc|>[zw0XjPtP9͓ a0+=:`-hs&Sǂ!0ѕD1F(g,1.f Ax=`#hxj<nh1)d'kIɻ#795I }˦bN܌aB"br L%g% 3^೐|,/A-r*r*]xD4;NbŠbiOR<'\B/0,#ŠN|]r1^e_:m^t?Jzn`gg^vXvQJe